Externalisation de la configuration du vhost du reverse proxy
This commit is contained in:
parent
3e7a879849
commit
cc61150916
7 changed files with 1 additions and 52 deletions
13
README.md
13
README.md
|
@ -3,8 +3,7 @@
|
|||
|
||||
## Services fournis
|
||||
|
||||
- main.yml : Installation de wikijs sur un serveur docker_host
|
||||
- configure_reverse_proxy.yml : Configuration d'un reverse proxy préalablement installé par le role reverse_proxy
|
||||
Installation de wikijs sur un serveur docker_host
|
||||
|
||||
|
||||
## Variables
|
||||
|
@ -18,11 +17,6 @@ docker_wikijs_service_id: wikijs
|
|||
docker_wikijs_db_name: wikijs
|
||||
docker_wikijs_db_user: wikijsdbuser
|
||||
docker_wikijs_db_password: mdp_de_wikijsdbuser
|
||||
docker_wikijs_rp_cert: LE
|
||||
docker_wikijs_rp_docker_host: machine.domaine.local
|
||||
docker_wikijs_rp_access_policy: OpenAccessPolicy
|
||||
docker_wikijs_rp_indexing: AllowCrawlerIndexing
|
||||
docker_wikijs_rp_waf: "On"
|
||||
```
|
||||
|
||||
| Option | Valeur par défaut | Description |
|
||||
|
@ -33,11 +27,6 @@ docker_wikijs_rp_waf: "On"
|
|||
| docker_wikijs_db_name | | Nom de la base de données postgres pour wikijs |
|
||||
| docker_wikijs_db_user | | Nom du user postgres propriétaire de la base de données |
|
||||
| docker_wikijs_db_password | | Mot du passe du user postgres |
|
||||
| docker_wikijs_rp_docker_host | | pour configure_reverse_proxy.yml: fqdn de la machine contenant le conteneur docker |
|
||||
| docker_wikijs_rp_cert | LE | Type de certificat pour le reverse proxy (LE = letsencrypt) |
|
||||
| docker_wikijs_rp_access_policy | | Modèle d'autorisation d'accès du reverse proxy |
|
||||
| docker_wikijs_rp_indexing | | Stratégie du reverse proxy vis à vis des robots |
|
||||
| docker_wikijs_rp_waf | | Activation websecurity du reverse proxy |
|
||||
|
||||
|
||||
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
docker_wikijs_rp_cert: LE
|
|
@ -3,8 +3,3 @@
|
|||
docker-compose up -d
|
||||
args:
|
||||
chdir: /opt/{{ docker_wikijs_service_id }}/
|
||||
|
||||
- name: reverse-proxy-reload
|
||||
service:
|
||||
name: apache2
|
||||
state: reloaded
|
||||
|
|
|
@ -1,11 +0,0 @@
|
|||
- name: prepare reverse_proxy
|
||||
template:
|
||||
src: "{{ item }}"
|
||||
dest: /etc/apache2/vhosts.d/{{ docker_wikijs_fqdn }}/
|
||||
with_items:
|
||||
- 0_vhost.conf
|
||||
- 1_vhost_additional.conf
|
||||
- 2_mds_exclusion.conf
|
||||
notify: reverse-proxy-reload
|
||||
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
# {{ ansible_managed }}
|
||||
Use vhost_HTTPS_Generic {{ docker_wikijs_fqdn }} {{ docker_wikijs_rp_cert }} http {{ docker_wikijs_rp_docker_host }} info {{ docker_wikijs_rp_access_policy }} {{ docker_wikijs_rp_indexing }} {{ docker_wikijs_rp_waf }}
|
|
@ -1,5 +0,0 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
<Location />
|
||||
ProxyErrorOverride Off
|
||||
</Location>
|
|
@ -1,16 +0,0 @@
|
|||
# {{ ansible_managed }}
|
||||
SecRuleRemoveById 200002
|
||||
SecRuleRemoveById 200004
|
||||
SecRuleRemoveById 921110
|
||||
SecRuleRemoveById 920220
|
||||
SecRuleRemoveById 921110
|
||||
SecRuleRemoveById 930120
|
||||
SecRuleRemoveById 932100
|
||||
SecRuleRemoveById 932105
|
||||
SecRuleRemoveById 932110
|
||||
SecRuleRemoveById 932115
|
||||
SecRuleRemoveById 932160
|
||||
SecRuleRemoveById 933210
|
||||
SecRuleRemoveById 942190
|
||||
SecRuleRemoveById 949110
|
||||
SecRuleRemoveById 980130
|
Loading…
Reference in a new issue